1. Field of the Invention
The invention relates generally to systems and methods of managing profile data for a plurality of computers and, more particularly, to systems and methods of managing profile data to conduct and report the results of software update and patch audits.
2. Background Information
A computer profile includes computer configuration data, such as data that identifies the computer hardware and software. The profile may also include other information, such as, for example, associated software license information, performance data, and other user specified data. In a prior system for managing a computer information database that contains computer profile data, a profile group managing server manages the data according to a tree-structured grouping of the computers. The tree structure, which is designated by the system administrator, may, for example, follow the organizational chart of a company, with the top level node, or group, corresponding to the company and lower level nodes, or groups, corresponding to the various branch offices, and so forth. In the example, the computers may be grouped according to their IP subnets that correspond to the branch offices. The profile group managing server then manipulates the profile data to produce reports that summarize the attributes of the computers at every group level, with reports for a given group including the profile data for all computers in the sub-tree that has the group as its root. A user can then utilize the summaries that are of interest. In the example, a user in a particular branch office may be interested only in information for the computers in that office, and thus, use only reports produced for the particular branch office's group. However, a user in the company head office may be interested in information for all company computers, and thus, use the reports produced for the company group. One such computer information database management system is the BelManage system (version 6) produced by Belarc, Inc., of Maynard, Mass., which is the Assignee of the current invention.
One of the major problems in managing networks as a whole and the various groups within the network is ensuring that network security is maintained through the installation of required software updates and patches, such as, for example, Microsoft Hotfixes and Service Packs. In a similar way, it is a major problem to ensure that non-security related software updates and patches, such as those repair program errors that impact employee productivity, are installed. For convenience, we refer to the respective updates and patches hereinafter as “hotfixes” and the related audits as “security audits.”Certain hotfixes may be appropriate for the entire network, while others are appropriate for certain groups of computers or for particular computers within the groups, depending on the operating system platforms to which the respective hotfixes apply and/or the dictates of the network system administrator or the administrators of the various groups. The network management problems are further compounded by changes to the group memberships, alterations to operating system platforms, releases of new hotfixes, changes to the network and/or group security/hotfix requirements, and so forth. Accordingly, using prior systems, it is a major undertaking to perform the security audits, that is, to determine if the respective computers and/or groups thereof comply with applicable network security/hotfix requirements and to report the results in a meaningful way.